AC-17(3): Managed Access Control Points
Control Family:
Parent Control:
Threats Addressed:
Baselines:
- Moderate
- High
Next Version:
- NIST Special Publication 800-53 Revision 5:
- AC-17(3): Managed Access Control Points
Control Statement
The information system routes all remote accesses through [Assignment: organization-defined number] managed network access control points.
Supplemental Guidance
Limiting the number of access control points for remote accesses reduces the attack surface for organizations. Organizations consider the Trusted Internet Connections (TIC) initiative requirements for external network connections.